Service providing system, service delivery system, service providing method, and non-transitory recording medium

ABSTRACT

A processor associates with one another terminal identifiers for identifying terminals. Each terminal identifier includes a to-be-authenticated section common to the terminal identifiers and used to authenticate a user. The processor associates the terminal identifiers with one another as respective terminal identifiers for a communication source and a communication destination that can perform communication with the communication source. Upon receiving from a first terminal as a communication source a first terminal identifier for identifying the first terminal and a second terminal identifier for identifying a second terminal as a communication destination, the processor transmits a request to the second terminal to start communication with the first terminal for a case where the first and second terminal identifiers are associated with one another. Otherwise the processor does not transmit a request to the second terminal to start communication with the first terminal.

CROSS-REFERENCE TO RELATED APPLICATIONS

The present patent application is a continuation of internationalapplication No. PCT/JP2017/012103, filed Mar. 24, 2017, which is basedon and claims priority to Japanese patent application No. 2016-066335filed Mar. 29, 2016. The contents of these applications are incorporatedherein by reference in their entirety.

FIELD OF THE INVENTION

The present invention relates to a service providing system, a servicedelivery system, a service providing method, and a non-transitoryrecording medium.

BACKGROUND ART

A system with which, in a case where a service is provided to a userthrough the Internet, the service is actually provided to the user afterterminal identification information (a terminal ID or the like) isdetermined as authorized information through a process where the user isauthenticated with the use of the terminal identification information ora password sent from the user's communication terminal is widely used(see Patent document 1).

SUMMARY

According to one aspect of the present invention, a service providingsystem for providing a service to a communication terminal includes aprocessor configured to associate with one another a plurality of piecesof terminal identification information for identifying differentcommunication terminals and to manage the plurality of pieces ofterminal identification information, each of the plurality of pieces ofterminal identification information including user identificationinformation that is a to-be-authenticated section to be used toauthenticate a user and is common to the plurality of pieces of terminalidentification information, the processor being further configured tomanage and associate the plurality of pieces of terminal identificationinformation with one another as a piece of terminal identificationinformation for a communication source and a piece of terminalmanagement information for a communication destination that can performcommunication with the communication source; to receive from a firstcommunication terminal as a communication source a first piece ofterminal identification information for identifying the firstcommunication terminal and a second piece of terminal identificationinformation for identifying a second communication terminal as acommunication destination; and, in response to receiving the first pieceof terminal identification information and the second piece of terminalidentification information, to transmit a request to the secondcommunication terminal to start communication with the firstcommunication terminal for a case where the first piece of terminalidentification information and the second piece of terminalidentification information are managed and associated with one anotherand not to transmit a request to the second communication terminal tostart communication with the first communication terminal for a casewhere the first piece of terminal identification information and thesecond piece of terminal identification information are not managed asbeing associated with one another.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is an overall configuration diagram illustrating one example of aservice delivery system according to an embodiment.

FIG. 2A is a left side view of one example of a photographing apparatus.

FIG. 2B is a front view of the example of the photographing apparatus.

FIG. 2C is a plan view of the example of the photographing apparatus.

FIG. 3 is an image diagram illustrating one example of a usage state ofthe photographing apparatus.

FIG. 4 is a hardware configuration diagram of one example of thephotographing apparatus 10.

FIG. 5 is a hardware configuration diagram illustrating one example ofcommunication terminals 3 a, 3 b, and 3 c.

FIG. 6 is a hardware configuration diagram of one example of each ofservice providing systems 5 a and 5 b and authentication systems 7 a, 7b, and 7 c.

FIG. 7 is a functional block diagram of one example of the servicedelivery system.

FIG. 8 is a conceptual diagram illustrating one example of a statemanagement table.

FIG. 9A illustrates one example of a configuration pattern of a terminalID (1/3).

FIG. 9B illustrates one example of a configuration pattern of a terminalID (2/3). FIG. 9C illustrates one example of a configuration pattern ofa terminal ID (3/3).

FIG. 10 is a conceptual diagram illustrating one example of anauthentication system management table.

FIG. 11 is a conceptual diagram illustrating one example of acommunication object management table.

FIG. 12A is a conceptual diagram illustrating one example of anauthentication management table of the authentication system 7 a.

FIG. 12B is a conceptual diagram illustrating one example of anauthentication management table of the authentication system 7 b.

FIG. 12C is a conceptual diagram illustrating one example of anauthentication management table of the authentication system 7 c.

FIG. 13 is a sequence diagram illustrating one example of anauthentication process (1/2).

FIG. 14 illustrates one example of a displayed authentication agentselection screen page.

FIG. 15 is a sequence diagram illustrating one example of anauthentication process (2/2).

FIG. 16 is a flowchart illustrating one example of managing of acommunication state of a communication terminal and a communicationobject.

FIG. 17A illustrates one example of a displayed request result screenpage (1/2).

FIG. 17B illustrates one example of a displayed request result screenpage (2/2).

FIG. 18 is a sequence diagram illustrating one example of a process tostart remote control.

FIG. 19 is a flowchart illustrating one example of a process todetermine whether remote control is possible.

FIG. 20A illustrates one example of a displayed request result screenpage (1/2).

FIG. 20B illustrates one example of a displayed request result screenpage (2/2).

FIG. 21 is a sequence diagram illustrating one example of a logoutprocess.

FIG. 22A illustrates one example of a displayed logout screen page(1/2).

FIG. 22B illustrates one example of a displayed logout screen page(2/2).

DESCRIPTION OF OF EMBODIMENTS

In the above-described system, if communication terminals of differingusers were able to perform communication with one another, one userwould, for example, perform remote control of a communication terminalof another user. Such a situation may cause disadvantageousness to theanother user. In order to prevent communication terminals of differingusers from performing communication with one another, security settingsshould be performed on communication of the respective communicationterminals, which may be difficult to implement through a simpleprocedure.

According to an embodiment of the present invention, a service providingsystem can prevent, by an easy method, communication terminals ofdiffering users from performing communication with one another.

Now, with the use of the drawings, the embodiment will be described.

<<Overall Configuration of Embodiment>>

FIG. 1 is an overall configuration diagram illustrating one example of aservice delivery system according to the embodiment. As illustrated inFIG. 1, the service delivery system 1 includes a plurality ofcommunication terminals (3 a, 3 b, and 3 c), a plurality of serviceproviding systems (5 a and 5 b), a plurality of authentication systems(7 a, 7 b, and 7 c), and a photographing apparatus 10. These elementscan perform communication with each other via a communication network 9such as the Internet.

The photographing apparatus 10 is, for example, a digital camera thatcaptures an image of a scene, for example, to generate a full sphericalpanoramic image. The communication terminal 3 a is, for example, asmartphone. The communication terminal 3 a performs communication withthe photographing apparatus 10 with the use of short-range wirelesscommunication technology such as Bluetooth (registered trademark). Forexample, as a result of the communication terminal 3 a transmitting tothe photographing apparatus 10 an instruction to start a photographingoperation, the photographing apparatus 10 transmits to the communicationterminal 3 a various data obtained from a photographing operation suchas image data and sound data. The photographing apparatus 10 cannot usethe communication network 9 by itself, and therefore, transmits throughthe communication terminal 3 a various data to the communication network9. The communication terminal 3 b is, for example, a personal computer.The communication terminal 3 c is, for example, a car navigationapparatus.

Note that, in FIG. 1, for the sake of simplifying the explanation, thethree communication terminals (3 a, 3 b, and 3 c), the two serviceproviding systems (5 a and 5 b), the three authentication systems (7 a,7 b, and 7 c), and the single photographing apparatus 10 areillustrated. However, the numbers of the elements are not limited tothese numbers of the elements. Further, hereinafter, out of thecommunication terminals (3 a, 3 b, and 3 c), any one of thecommunication terminals will be referred to as a “communication terminal3”. Out of the service providing systems (5 a and 5 b), either one ofthe service providing systems will be referred to as a “serviceproviding system 5”. Further, out of the authentication systems (7 a, 7b, and 7 c), any one of the authentication systems will be referred toas an “authentication system 7”.

Further, the service providing systems 5 and the authentication systems7 may be single computers, or each of the service providing systems 5and the authentication systems 7 may include a plurality of computers.The photographing apparatus 10 may be also a common digital camera thatdoes not have a function to generate a full spherical panorama image.

Further, a communication terminal 3 may be a smartphone, a personalcomputer, or a car navigation apparatus, as an example of a mobileterminal. Further, examples of the communication terminals 3 are notlimited to these devices. For example, a communication terminal 3 may bean information processing terminal, a business machine, a homeappliance, an electric component, a medical device, an industrialdevice, or the like. Examples of the mobile terminal include, inaddition to the above-mentioned devices, a smart watch, a head mountdisplay, a video conference terminal, a camera, a handheld terminal, anda drone. Examples of the information processing terminal include adesktop PC, a tablet PC, and a server. Examples of the business machineinclude a copier, a facsimile machine, a MFP (Multifunction Peripheral)that has functions of a copier and a facsimile machine, an electronicblackboard, a video conference terminal, and a projector. Examples ofthe home appliance include a television, an air conditioner, arefrigerator, a recorder, and a microwave oven. Examples of the electriccomponent include an electronic component such as an image pickupdevice. Examples of the medical device include a MRI (Magnetic ResonanceImaging) device, an EEG (Electroencephalography) device, a MEG(Magnetoencephalography) device, and an endoscope. Examples of theindustrial device include a construction machine and a working robot.

<How to Use Photographing Apparatus>

With the use of FIGS. 2A-2C and FIG. 3, how to use the photographingapparatus 10 will now be described.

With the use of FIGS. 2A-2C, the exterior of the photographing apparatus10 will now be described. FIG. 2A is a left side view of one example ofthe photographing apparatus, FIG. 2B is a front view of the example ofthe photographing apparatus, and FIG. 2C is a plan view of the exampleof the photographing apparatus. The photographing apparatus 10 is adigital camera for obtaining a photographed image from which a fullspherical (360°) panoramic image is generated.

As illustrated in FIG. 2A, the photographing apparatus 10 has such asize that a person can hold with his or her single hand. Further, asillustrated in FIGS. 2A-2C, at an upper section of the photographingapparatus 10, an image pickup device 103 a at a front side and an imagepickup device 103 b at a back side (rear side) are installed. Further,as illustrated in FIG. 2B, at a front side of the photographingapparatus 10, an operation part 115 such as a shutter button isinstalled.

Next, with the use of FIG. 3, a usage state of the photographingapparatus 10 will be described. FIG. 3 is an image diagram illustratingone example of a usage state of the photographing apparatus. Asillustrated in FIG. 3, the photographing apparatus 10 is used in such amanner that a user holds the photographing apparatus 10 with his or herhand and takes an image of an object or a scene around the user. In thiscase, as a result of the image pickup device 103 a and the image pickupdevice 103 b illustrated in FIGS. 2A-2C capturing images of an object ora scene around the user, two hemispherical images can be obtained.

<<Hardware Configuration of Embodiment>>

Next, with the use of FIGS. 4-6, the hardware configurations of thephotographing apparatus 10, the communication terminals 3, and theservice providing systems 5 according to the embodiment will bedescribed in detail.

<Hardware Configuration of Photographing Apparatus>

With the use of FIG. 4, the hardware configuration of the photographingapparatus 10 will now be described. Note that, FIG. 4 is a hardwareconfiguration diagram of one example of the photographing apparatus 10.Below, it is assumed that the photographing apparatus 10 is anomnidirectional photographing apparatus using the two image pickupdevices. However, the number of the image pickup devices may be three ormore. Further, the photographing apparatus 10 is not necessarilydedicated for omnidirectional photographing. That is, the photographingapparatus 10 may have substantially the same function as anomnidirectional photographing apparatus as a result of a retrofit-typeomnidirectional photographing unit being installed to a common digitalcamera, smartphone or the like.

As illustrated in FIG. 4, the photographing apparatus 10 includes animage pickup unit 101, an image processing unit 104, an image pickupcontrol unit 105, a microphone 108, a sound processing unit 109, a CPU(Central Processing Unit) 111, a ROM (Read-Only Memory) 112, a SRAM(Static Random Access Memory) 113, a DRAM (Dynamic Random Access Memory)114, the operation part 115, a network I/F 116, a communication part117, and an antenna 117 a.

The image pickup unit 101 includes wide-angle lenses (so-called fish-eyelenses) 102 a and 102 b, each of which has a field angle greater than orequal to 180° for forming a hemispherical image; and the two imagepickup devices 103 a and 103 b corresponding to the wide-angle lenses102 a and 102 b, respectively. The image pickup devices 103 a and 103 binclude image sensors such as CMOS (Complementary Metal OxideSemiconductor) sensors or CCD (Charge Coupled Device) sensors convertingoptical images obtained through the fish-eye lenses into electric imagedata signals; timing circuits generating horizontal or verticalsynchronization signals, pixel clocks, and so forth; and a group ofregisters in which various commands and parameters required foroperating the image pickup devices are set.

The respective image pickup devices 103 a and 103 b of the image pickupunit 101 are connected with the image processing unit 104 through aparallel I/F bus. The image pickup devices 103 a and 103 b of the imagepickup unit 101 are connected also with the image pickup control unit105 through a serial I/F bus (an I2C bus or the like). The imageprocessing unit 104 and the image pickup control unit 105 are connectedwith the CPU 111 through a bus 110. Further, to the bus 110, also theROM 112, the SRAM 113, the DRAM 114, the operation part 115, the networkI/F 116, the communication part 117, an electromagnetic compass 118, andso forth are connected.

The image processing unit 104 performs a predetermined process on imagedata output from the image pickup devices 103 a and 103 b through theparallel I/F bus, and combines the processed image data to generateMercator image data.

Generally speaking, the image pickup control unit 105 acts as a masterdevice, the image pickup devices 103 a and 103 b act as slave devices,and the image pickup control unit 105 sets commands and so forth to thegroup of registers of the image pickup devices 103 a and 103 b throughthe I2C bus. The commands and so forth are received from the CPU 111.Further, the image pickup control unit 105 uses also the I2C bus toreceive status data and so forth of the group of registers of the imagepickup devices 103 a and 103 b, and sends the status data and so forthto the CPU 111.

Further, in response to the shutter button of the operation part 115being pressed, the image pickup control unit 105 sends an instruction tothe image pickup devices 103 a and 103 b to output image data. Dependingon the photographing apparatus, a preview display function or a functionto display a moving picture by using a display may be implemented. Inthis case, the image pickup devices 103 a and 103 b output image datacontinuously at a predetermined frame rate (frames/second).

Further, as will be described later, the image pickup control unit 105also functions as a synchronization control part in cooperation with theCPU 111 to synchronize output timing of image data from the image pickupdevices 103 a and 103 b. Note that, according to the embodiment, thephotographing apparatus 10 does not have a display part. However, thephotographing apparatus 10 may have a display part.

The microphone 108 converts sound into sound (signal) data. The soundprocessing unit 109 receives sound data from the microphone 108 throughan I/F bus, and performs a predetermined process on the sound data.

The CPU 111 performs overall control of the photographing apparatus 10and performs required processes. The ROM 112 stores various programs forthe CPU 111. The SRAM 113 and the DRAM 114 are work memories, and storea program executed by the CPU 111, data that is being processed by theCPU 111, and so forth. Especially, the DRAM 114 stores image data thatis being processed by the image processing unit 104 and Mercator imagedata that has been processed.

As the operation part 115, various operation buttons, a power switch, ashutter button, a touch panel having both a display function and anoperation function, and so forth are generally referred to. The useroperates the operation buttons to input various photographing modes,photographing conditions, and so forth.

As the network I/F 116, interfaces (USB I/F and so forth) for externalmedia such as a SD card, a personal computer, and so forth are generallyreferred to. The network I/F 116 may be a network interface usable forboth wired communication and wireless communication. Mercator image datastored in the DRAM 114 is recorded in an external medium through thenetwork I/F 116 or is transmitted to an external apparatus such as acommunication terminal 3 through the network I/F 116 as the occasiondemands.

The communication part 117 performs communication with an externalapparatus such as a communication terminal 3 through the antenna 117 ainstalled at the photographing apparatus 10 according to short-rangewireless communication technology such as WiFi (wireless fidelity), NFC,or the like. It is possible to transmit Mercator image data also throughthe communication part 117 to an external apparatus such as acommunication terminal 3.

The electromagnetic compass 118 uses terrestrial magnetism to calculatethe orientation of the photographing apparatus 10 and outputsorientation information. The orientation information is one example ofrelated information (metadata) according to Exif, and is used for imageprocessing such as image correction on a photographed image. Note thatthe related information includes various data such as date and time whenan image is photographed and the data size of image data.

<Hardware Configuration of Smartphone>

FIG. 5 is a hardware configuration diagram illustrating one example of asmartphone. As illustrated in FIG. 5, a communication terminal 3 a asthe smartphone includes a CPU 301, a ROM 302, a RAM 303, an EEPROM 304,a CMOS sensor 305, an acceleration and orientation sensor 306, a mediumI/F 308, and a GPS receiving part 309.

The CPU 301 controls the entirety of the smartphone. The ROM 302 storesa program such as an IPL for driving the CPU 301. The RAM 303 is used asa work area for the CPU 301. The EEPROM 304 reads and writes variousdata such as the program for the smartphone under the control of the CPU301. The CMOS sensor 305 captures an image of a subject (mainly, animage of the user himself or herself) to obtain image data under thecontrol of the CPU 301. The acceleration and orientation sensor 306includes various sensors such as an electromagnetic compass to detectgeomagnetism, a gyrocompass, and an acceleration sensor. The medium I/F308 controls reading data from and writing (storing) data to a recordingmedium 307 such as a flash memory. The GPS receiving part 309 receivesGPS signals from GPSs.

Further, the smartphone includes a telecommunication circuit 311, acamera 312, an image pickup device I/F 313, a microphone 314, a speaker315, a sound input and output I/F 316, a display 317, an externalapparatus connection I/F 318, a short-range communication circuit 319,an antenna 319 a for the short-range communication circuit 319, and atouch panel 321.

The telecommunication circuit 311 performs communication with anotherapparatus through the communication network 9. The camera 312 is a typeof a built-in-type image pickup part for capturing an image of a subjectto obtain image data under the control of the CPU 301. The image pickupdevice I/F 313 controls driving of the camera 312. The microphone 314 isa type of a built-in-type sound collecting part for inputting sound. Thesound input and output I/F 316 performs processes to input a soundsignal from the microphone 314 and to output a sound signal to thespeaker 315 under the control of the CPU 301. The display 317 is a typeof a liquid crystal or organic EL display part to display an image of asubject, various icons, and so forth. The external apparatus connectionI/F 318 is an interface to connect to various external apparatuses. Theshort-range communication circuit 319 is a communication circuit thatuses NFC, Bluetooth (registered trademark), or the like. The touch panel321 is a type of an input part for the user to touch the display 317 tooperate the smartphone.

Further, the smartphone includes a bus line 310. The bus line 310includes an address bus, a data bus, and so forth to electricallyconnect with various elements illustrated in FIG. 5 such as the CPU 301.

<Hardware Configuration of Each of PC, Car Navigation Apparatus, ServiceProviding Systems, and Authentication Systems>

With the use of FIG. 6, a hardware configuration of each of the PC, thecar navigation apparatus, the service providing systems, and theauthentication systems will now be described. Note that FIG. 6 is ahardware configuration diagram of each of examples of the PC, the carnavigation apparatus, the service providing systems, and theauthentication systems. Each of the PC, the car navigation apparatus,the service providing systems, and the authentication systems is acomputer. Therefore, below, a configuration of a service providingsystem 5 will be described and descriptions of configurations of theother apparatuses and systems will be omitted.

A service providing system 5 includes a CPU 501 to control the entiretyof the service providing system 5, a ROM 502 to store a program such asan IPL to drive the CPU 501, a RAM 503 used as a work area of the CPU501, a HD 504 to store various data such as the program for the serviceproviding system 5, a HDD (Hard Disk Drive) 505 to control readingvarious data from and writing various data to the HD 504 under thecontrol of the CPU 501, a medium I/F 507 to control reading data fromand writing (storing) data to a recording medium 506 such as a flashmemory, a display 508 to display various information such as a cursor, amenu, a window, characters, and an image, a network I/F 509 to performdata communication through the communication network 9, a keyboard 511having a plurality of keys for the user to input characters, numericalvalues, various instructions, and so forth, a mouse for the user toselect and cause various instructions to be executed, to select anobject to process, to move the cursor, and so forth, a CD-ROM drive 514to control reading various data from and writing various data to aCD-ROM (Compact Disc Read-Only Memory) 513 as a type of a detachablerecording medium, and a bus line 510 such as an address bus, a data bus,and so forth to electrically connect the above-mentioned variouselements as illustrated in FIG. 6.

Note that recording media such as CD-ROMs to store the various programsaccording to the embodiment may be provided domestically orinternationally in the form of program products.

<<Functions of Embodiment>>

Next, functions of the embodiment will be described. FIG. 7 is afunctional block diagram illustrating one example of the servicedelivery system. Note that each of the functions that will now bedescribed may be implemented by one or more processing circuits. A“processing circuit” includes one or more devices out of a processorprogrammed by software to execute the function such as a processorimplemented by an electronic circuit; an ASIC (Application SpecificIntegrated Circuit), a DSP (digital signal processor), or a FPGA (fieldprogrammable gate array) designed to execute the function; aconventional circuit module; and so forth.

<Functions of Communication Terminals>

Hereinafter, with the use of the communication terminal 3 a for whichthe hardware configuration is illustrated in FIG. 5, the functions ofthe communication terminals 3 will be described. In this regard, eitherone of the communication terminals 3 b and 3 c also has functionssimilar to or the same as the functions of the communication terminal 3a.

As illustrated in FIG. 7, the communication terminal 3 includes atransmitting and receiving part 31, a receiving part 32, a displaycontrol part 33, a determination part 37, a short-range communicationpart 38, and a storing and reading part 39. Functions of these elementsare implemented as a result of any element(s) illustrated in FIG. 5operating according to instructions from the CPU 301 according to theprogram for the communication terminal 3 written in the RAM 303 from theEEPROM 304.

Further, the communication terminal 3 includes a storage part 3000implemented by the ROM 302, the RAM 303, and the EEPROM 304 illustratedin FIG. 5.

(Various Functions of Communication Terminals)

Next, with the use of FIG. 7, the various functions of the communicationterminal 3 will be described in more detail.

The transmitting and receiving part 31 of the communication terminal 3is implemented mainly by instructions from the CPU 301 illustrated inFIG. 5 and by the telecommunication circuit 311. Through thecommunication network 9, the transmitting and receiving part 31 performstransmitting/receiving of various data (or information) such as IDs(Identifications) and requests, to/from a service providing system 5 andan authentication system 7.

The receiving part 32 is implemented mainly by instructions from the CPU301 illustrated in FIG. 5 and by the touch panel 321, to receive anoperation performed by the user.

The display control part 33 is implemented mainly by instructions fromthe CPU 301 illustrated in FIG. 5, to display a predetermined screenpage on the display 317. Note that, in the case of the communicationterminal 3 a, the display control part 33 may use OpenGL ES (OpenGraphics Library for Embedded Systems) to paste Mercator image datatransmitted from the photographing apparatus 10 to cover a sphere tocreate a full spherical panoramic image.

The determination part 37 is implemented mainly by instructions from theCPU 301 illustrated in FIG. 5, and, as will be described later,determines, out of a code of a terminal ID, a user ID (ato-be-authenticated section) that will be described later. Note that aterminal ID according to the embodiment is one example of terminalidentification information. Terminal identification information may be,instead of a terminal ID, the product number of a terminal or the like.A user ID according to the embodiment is one example of useridentification information. User identification information may be,instead of a user ID, the name of a user, an individual number or “mynumber” according to the Japanese national citizen identification numbersystem, or the like.

The short-range communication part 38 is implemented mainly byinstructions from the CPU 301 illustrated in FIG. 5 and by theshort-range communication circuit 319, to perform communication with thephotographing apparatus 10 and so forth by using the short-rangecommunication circuit 319.

The storing and reading part 39 is implemented mainly by instructionsfrom the CPU 301 illustrated in FIG. 5, to store various data (orinformation) in the storage part 3000 and to read various data (orinformation) from the storage part 3000.

<Functions of Service Providing Systems>

Next, with the use of FIGS. 6-11, functions of the service providingsystems 5 will be described in detail. As illustrated in FIG. 7, aservice providing system 5 includes a transmitting and receiving part51, an authentication part 52, a search part 53, a determination part54, a removing part 55, and a storing and reading part 59. Therespective functions of the elements are implemented as a result of anyelement(s) illustrated in FIG. 6 operating according to instructionsfrom the CPU 501 according to the program for the service providingsystem 5 written from the HD 504 to the RAM 503.

Further, a service providing system 5 includes a storage part 5000implemented by the RAM 503 and the HD 504 illustrated in FIG. 6. Thestorage part 5000 stores various data sent from a communication terminal3 and an authentication system 7.

Further, the storage part 5000 includes a state management DB 5001, anauthentication system management DB 5002, and a communication objectmanagement DB 5003. The state management DB 5001 has a form of a statemanagement table that will be described later. The authentication systemmanagement DB 5002 has a form of an authentication system managementtable that will be described later. The communication object managementDB 5003 has a form of a communication object management table that willbe described later. These tables will now be described in detail.

(State Management Table)

FIG. 8 is a conceptual diagram illustrating one example of the statemanagement table. The state management table associates terminal IDs foridentifying communication terminals, communication state informationindicating the communication states of the communication terminals, andthe IP addresses of the communication terminals with each other andmanages these items of information. A communication state is one of anonline state and an offline state. Further, to an offline state, anorder of becoming online is attached. For example, in FIG. 8, thecommunication state “offline (1)” can first become an online state. Thecommunication state “offline (2)” can subsequently become an onlinestate. “The order of becoming online” will be further described later.Note that, the IP addresses in FIG. 8 illustrate addresses according toIPv4 in a simplified manner. Instead, the IP addresses may be addressesaccording to IPv6.

A service providing system 5 adds, in response to receiving a loginrequest from a communication terminal 3, a new record including theterminal ID of the communication terminal that is the request source tothe state management table and removes, in response to receiving alogout request from a communication terminal 3, the record including theterminal ID of the communication terminal that is the request sourcefrom the state management table. Adding a record and removing a recorddescribed above will be further described later.

FIGS. 9A-9C illustrate email addresses as examples of the terminal IDs(identifications); each of the email addresses includes ato-be-authenticated section and a not-to-be-authenticated section. Theto-be-authenticated section is a user ID to be used by an authenticationsystem 7 to perform authentication. The not-to-be-authenticated sectionis not used by an authentication system 7 to perform authentication.

According to a first pattern illustrated in FIG. 9A, ato-be-authenticated section include an account name “asai”, a host name“myhost”, and a first segment “ricoo.com” of a domain name. Anot-to-be-authenticated section includes a second segment “theta1” ofthe domain name. In this case, the extracting part 37 described laterseparates between the to-be-authenticated section and thenot-to-be-authenticated section by using a symbol “/”.

Further, also FIG. 9B illustrates the first pattern; however, anot-to-be-authenticated section is different from FIG. 9A. In thisregard, an authentication system 7 determines that the terminal IDillustrated in FIG. 9A and the terminal ID illustrated in FIG. 9B havethe same IDs to perform authentication because these terminal IDs havethe same to-be-authenticated sections.

Note that the terminal ID may be a terminal ID of a second patternillustrated in FIG. 9C. According to the second pattern, theto-be-authenticated section includes a first segment “asai” of anaccount name. The not-to-be-authenticated section includes a secondsegment “theta2” of the account name, a host name “myhost”, and a domainname “ricoo.com”. In this case, the extracting part 37 described laterseparates between the to-be-authenticated section and thenot-to-be-authenticated section by using a symbol “+”.

(Authentication System Management Table)

FIG. 10 is a conceptual diagram illustrating one example of theauthentication system management table. The authentication systemmanagement table associates, with the authentication system IDs foridentifying respective authentication systems 7, the URLs (UniformResource Locators) to access the authentication systems 7, and storesand manages these items of information.

(Communication Object Management Table)

FIG. 11 is a conceptual diagram illustrating one example of thecommunication object management table. The communication objectmanagement table associates the terminal IDs of communication terminalsof communication sources that request to start communication, with theterminal IDs of communication terminals of communication destinationsthat can perform communication with the communication terminals of thecommunication sources, and manages these items of information. Theterminal IDs associated with one another and managed for each record inthe communication object management table are used to managecommunication terminals which can perform communication with oneanother, and therefore, communication terminals identified by terminalIDs not associated with one another in a record of the communicationobject management table cannot perform communication with one another.According to the embodiment, terminal IDs having the same user IDs areassociated with one another. Therefore, communication terminals of thesame user can perform communication with one another while communicationterminals of differing users cannot perform communication with oneanother.

(Various Functions of Service Providing Systems)

Next, with the use of FIG. 7, the various functions of the serviceproviding systems 5 will be described in detail.

The transmitting and receiving part 51 of a service providing system 5transmits/receives various data (or information) such as IDs andrequests, to/from a communication terminal 3 and an authenticationsystem 7 through the communication network 9.

The authentication part 52 decrypts an encrypted token and authenticatesa decrypted token, for example.

The search part 53 searches the state management table to determine, outof pieces of communication state information associated with theterminal IDs of other communication terminals 3 including the user IDsthe same as the user ID included in the terminal ID of a communicationterminal 3, the number of pieces of communication state informationhaving online states, for example.

The determination part 54 determines whether the number of pieces ofcommunication state information having online states thus retrieved bythe search part 53 is less than a predetermined number, for example. Thepredetermined number is, for example, 10. In this case, the same usercan cause 10 own communication terminals to perform communication witheach other.

The removing part 55 removes, in response to receiving a logout requestfrom a communication terminal 3, the record including the terminal IDfor identifying the communication terminal 3 from the state managementtable, for example. Further, the removing part 55 removes, in responseto receiving a logout request from a communication terminal 3, therecord that is used to manage the terminal ID of the communicationterminal 3 as a communication terminal of a communication source fromthe communication object management table, for example. Removing arecord described above will be further described later.

The storing and reading part 59 stores various data in and reads variousdata from the storage part 5000.

<Functions of Authentication Systems>

Next, with the use of FIGS. 7 and 12A-12C, functions of theauthentication systems 7 will be described in detail. An authenticationsystem 7 includes a transmitting and receiving part 71, anauthentication part 72, and a storing and reading part 79. Functions ofthese elements are implemented as a result of any element(s) illustratedin FIG. 7 operating according to instructions from the CPU 501 accordingto the program for the authentication system 7 written from the HD 504to the RAM 503.

Further, an authentication system 7 includes a storage part 7000implemented by the RAM 503 and the HD 504 illustrated in FIG. 6. Thestorage part 7000 stores various data sent from a communication terminal3 and a service providing system 5.

Further, the storage part 7000 includes an authentication management DB7001. The authentication management DB 7001 has a form of anauthentication management table that will be described now. Below, thetable will be described in detail.

(Authentication Management Table)

FIG. 12A is a conceptual diagram illustrating one example of theauthentication management table of the authentication system 7 a. FIG.12B is a conceptual diagram illustrating one example of theauthentication management table of the authentication system 7 b. FIG.12C is a conceptual diagram illustrating one example of theauthentication management table of the authentication system 7 c.

Each of the authentication management tables associates the user IDs(the to-be-authenticated sections) out of the terminal IDs withpasswords, and stores and manages these items of information.

(Various Functions of Authentication Systems)

Next, with the use of FIG. 7, the various functions of theauthentication systems 7 will be described in detail.

The transmitting and receiving part 71 of an authentication system 7 isimplemented mainly by instructions from the CPU 501 illustrated in FIG.6 and by the network I/F 509, to transmit/receive various data (orinformation) such as IDs and requests, to/from a communication terminal3 and a service providing system 5 through the communication network 9.

The authentication part 72 is implemented mainly by instructions fromthe CPU 501 illustrated in FIG. 6, to determine whether a communicationterminal 3 that has transmitted an authentication request is anauthorized communication terminal 3 that can receive a service, toauthenticate the ID.

The storing and reading part 79 is implemented mainly by instructionsfrom the CPU 501 illustrated in FIG. 6 and by the HDD 505, to storevarious data (or information) in the storage part 7000 and to readvarious data (or information) from the storage part 7000.

<<Process and Operation of Embodiment>>

Next, with the use of FIGS. 13-22B, a process and an operation of theembodiment will be described in detail. FIGS. 13 and 15 are sequencediagrams illustrating one example of an authentication process. FIG. 14illustrates an example of a displayed authentication agent selectionscreen page.

As illustrated in FIG. 13, the transmitting and receiving part 31 of acommunication terminal 3 transmits a login request to a serviceproviding system 5 (step S21). This request includes the terminal ID ofthe communication terminal 3. Further, at this time, the transmittingand receiving part 31 transmits the IP address of the communicationterminal 3. Thus, the transmitting and receiving part 51 of the serviceproviding system 5 receives the login request and the IP address of thecommunication terminal 3.

Next, the determination part 54 of the service providing system 5determines whether the terminal ID received in step S21 has been managedin the state management table (step S22). Below, a case where theterminal ID has not been managed will be described.

The transmitting and receiving part 51 of the service providing system 5transmits to the communication terminal 3 data of an authenticationagent selection screen page (step S23). Thus, the transmitting andreceiving part 31 of the communication terminal 3 receives the data ofthe authentication agent selection screen page.

Next, the display control part 33 of the communication terminal 3displays on the display 317 the authentication agent selection screenpage s1 such as the screen page illustrated in FIG. 14 (step S24). FIG.14 illustrates an example of the screen page displayed on the PC as thecommunication terminal 3 b. The authentication agent selection screenpage s1 includes a terminal ID input field b1, a password input fieldb2, and a login button b3 to request login (to make an authenticationrequest). Further, the authentication agent selection screen page s1includes authentication system selection buttons a1, a2, and a3 toselect the authentication systems 7 a, 7 b, and 7 c, respectively. Inresponse to the user's inputting the own terminal ID to the input fieldb1, inputting the own password in the input field b2, pressing a desiredbutton out of the authentication system selection buttons a1, a2, anda3, and pressing the login button b3, the receiving part 32 receives thecorresponding inputs and selection (step S25).

Note that, the authentication system selection buttons a1, a2, and a3are previously associated with the URLs of the authentication systems 7,respectively.

Next, the determination part 37 determines, out of the code of theterminal ID received by the receiving part 32, the user ID(to-be-authenticated section) (step S26). At this time, thedetermination part 37 determines the user ID on the basis of apredetermined rule (step S26). For example, in a case where the terminalID has the contents as illustrated in FIG. 9A or FIG. 9B, the sectionbefore the symbol “/” after “com” is determined as the user ID.

Next, on the basis of the URL of the authentication system 7corresponding to the selection button received by the receiving part 32,the transmitting and receiving part 31 transmits an authenticationrequest for the ID (i.e., the user ID) to the correspondingauthentication system 7 (step S27). The authentication request includesthe user ID received in step S26 and the password received in step S25.Further, at this time, the transmitting and receiving part 31 transmitsalso the IP address of the communication terminal 3. Thus, thetransmitting and receiving part 51 of the service providing system 5receives the authentication request for the ID and the IP address of thecommunication terminal 3.

Next, the storing and reading part 79 of the authentication system 7searches the authentication management table with the set of the user ID(to-be-authenticated section) and the password received in step S27 as asearch key for the same set of the to-be-authenticated section and thepassword. Then, with the use of the search result, the authenticationpart 72 performs the authentication (step S28). The authentication part72 determines that, in a case where the same set of theto-be-authenticated section and the password has been managed in theauthentication management table, the user of the communication terminal3 is an authorized user to receive a service from a service providingsystem 5. However, in a case where the same set of theto-be-authenticated section and the password has not been managed in theauthentication management table, the authentication part 72 determinesthat the communication terminal 3 is not an authorized user to receive aservice from a service providing system 5.

Note that, in step S28, the communication terminal 3 determines the userID (to-be-authenticated section) out of the terminal ID. However, anembodiment is not limited to this configuration. For example, acommunication terminal 3 may transmit the terminal ID to a serviceproviding system, and the service providing system 5 may determine theuser ID and transmit the user ID to an authentication system 7. Further,a communication terminal 3 may transmit to an authentication system 7the terminal ID, and the authentication system 7 may determine the userID and authenticate the user ID.

Next, as illustrated in FIG. 15, the authentication part 72 of theauthentication system 7 encrypts a token (a transmission right) (stepS41). Then, on the basis of the IP address of the communication terminal3 received in step S27, the transmitting and receiving part 71 transmitsthe authentication result for the ID to the communication terminal 3(step S42). The authentication result indicates whether thecommunication terminal 3 is authorized and the authentication resultincludes the token encrypted in step S41. Thus, the transmitting andreceiving part 31 of the communication terminal 3 receives theauthentication result for the user. Below, a case where the user isauthorized will be described.

Note that if the user is not authorized, that is, if the authenticationresult in step S28 of FIG. 13 is negative, the transmitting andreceiving part 71 of the authentication system 7 performs, for example,error output to the communication terminal 3 (i.e., the request source)that transmitted the authentication request for the ID in step S27.Further, in this case, step S41 of encrypting the token is skipped, and,therefore, in step S42, the encrypted token is not transmitted.

The transmitting and receiving part 31 of the communication terminal 3transmits to the service providing system 5 a request to establish asession (step S43). This request to establish a session includes theterminal ID and the encrypted token received in step 42. Thus, thetransmitting and receiving part 51 of the service providing system 5receives the request to establish a session.

Next, the authentication part 52 of the service providing system 5decrypts the encrypted token received in step S43 (step S44). Note thatthe authentication part 52 of the service providing system 5 and theauthentication part 72 of the authentication system 7 previously havethe same common key (or public key), and therefore, the authenticationpart 52 can decrypt the token.

Next, on the basis of the decrypted token, the authentication part 52authenticates the token (step S45). In response to the authentication instep S45 being successful, the service providing system 5 manages thecommunication state of the communication terminal 3 and a communicationobject (step S46). In response to the authentication in step S45 beingnot successful, the transmitting and receiving part 51 performs an erroroutput to the communication terminal 3 that is the request source, forexample.

Next, with the use of FIG. 16, the managing of the communication stateof the communication terminal 3 and a communication object performed bythe service providing system 5 will be described. FIG. 16 is a flowchartillustrating one example of managing of the communication state of acommunication terminal and a communication object.

As illustrated in FIG. 16, first, the search part 53 searches the statemanagement table of FIG. 8 and counts pieces of communication stateinformation that indicate online states, out of pieces of communicationstate information associated with the other terminal IDs including thesame user ID as the user ID included in the terminal ID of thecommunication terminal 3 of the request source (step S46-1). Then, thedetermination part 54 determines whether the thus obtained number ofpieces of communication state information is less than a predeterminednumber (for example, 10) (step S46-2). In a case where the number ofpieces of communication state information is less than the predeterminednumber (YES) as a result of the search by the search part 53, thestoring and reading part 59 associates the terminal ID of thecommunication terminal 3 that is the request source, communication stateinformation that indicates an online state, and the IP address of thesame communication terminal 3 with each other and manages these items ofinformation in the state management table (step S46-3). This means thatcommunication to be performed by the communication terminal 3 that isthe request source is permitted.

Next, the storing and reading part 59 retrieves from the statemanagement table the other terminal IDs that include the same user IDsas the user ID included in the terminal ID of the communication terminal3 of the request source and that are terminal IDs having pieces ofcommunication state information that indicate being online (step S46-4).Then, the storing and reading part 59 associates the terminal ID of thecommunication terminal 3 of the request source as a terminal ID of a“communication source” in a record with the other terminal IDs retrievedin step S46-1 as terminal IDs of “communication destinations” in therecord and manages these items of information in the communicationobject management table (step S46-5). In addition, the storing andreading part 59 associates the terminal ID of the communication terminalof the request source as a terminal ID in “communication destination”fields of the communication object management table with the otherterminal IDs retrieved in step S46-1 as terminal IDs in “communicationsource” fields in the communication object management table and managesthese items of information (step S46-6). Then, the storing and readingpart 59 outputs from the storage part 5000 data of a service providingscreen page that is previously stored (step S46-7).

However, in a case where, in step S46-2, as a result of the search bythe search part 53, the number of pieces of communication stateinformation that indicate online states is greater than or equal to thepredetermined number (NO), this means that the upper limit of thepermissible number of communication terminals of the same user that thesame user can use to perform communication among these communicationterminals is exceeded and therefore the communication terminal 3 of therequest source is not permitted to perform communication. Thus, thestoring and reading part 59 associates the terminal ID of thecommunication terminal 3 of the request source with communication stateinformation that indicates an offline state in the state managementtable (step S46-8). In this case, at the time of the first of themanaged communication state information to indicate an offline state, asillustrated in FIG. 8, the communication state information is managed as“offline (1)”, and the next of the managed communication stateinformation to indicate an offline state is managed as “offline (2)”.

These numerals (1) and (2) indicate the order of waiting for becomingonline (as will be described later concerning FIG. 21, in particular,step S84). Then, the storing and reading part 59 outputs data of awaiting state screen page that is previously stored in the storage part5000 (step S46-9).

Next, returning to FIG. 15, the transmitting and receiving part 51 ofthe service providing system 5 transmits, to the communication terminal3 of the request source, request result information that indicates arequest result responsive to step S43 (step S47). Thus, the transmittingand receiving part 31 of the communication terminal 3 receives therequest result information.

Next, the display control part 33 of the communication terminal 3 of therequest source displays on the display 317 of the communication terminal3 (in this case, the communication terminal 3 b) image data included inthe request result information (step S48). In this case, in a case wherethe request result information includes the data of the serviceproviding screen page, the display control part 33 displays the serviceproviding screen page s2 illustrated in FIG. 17A.

The service providing screen page s2 indicates that it is possible toreceive a service. In this case, for example, the service providingscreen page s2 indicates the service contents showing that the user canperform remote control of another communication terminal 3 of the sameuser.

The data of the service providing screen page s2 further includes aninput field b21 for the user to input the terminal ID of anothercommunication terminal that is the remote control object and a “SERVICESTART REQUEST” button b22 for the user, after inputting the terminal IDin the input field b21, to request an actual start of the service.

In contrast, in a case where the request result information includes thewaiting state screen page, the display control part 33 displays thewaiting state screen page s3 illustrated in FIG. 17B. The waiting statescreen page s3 indicates that the communication terminal 3 of therequest source that has requested login cannot receive a service: theuser is in a waiting state. In this case, for example, the waiting statescreen page s3 indicates that the user cannot perform remote control ofanother communication terminal 3 of the same user: the user is in awaiting state until being allowed to perform remote control.

Further, the waiting state screen page s3 includes an input field b31that is masked so as to prevent the user from inputting the terminal IDof another communication terminal that is the remote control object andan “OK” button for the user understanding the contents of the displayedscreen page s3 to press to close the waiting state screen page s3.

Note that, in step S22 described above, in a case where the terminal IDreceived in step S21 has been managed in the state management table, thetransmitting and receiving part 51 performs error output to thecommunication terminal 3 (i.e., the request source) that transmitted thelogin request, for example.

Next, with the use of FIGS. 18-20B, as an example of providing aservice, a remote control service for implementing remote control fromthe communication terminal 3 b to the communication terminal 3 a will bedescribed. FIG. 18 is a sequence diagram illustrating one example of aremote control process. Note that, it is assumed that the communicationterminals 3 a and 3 b are communication terminals of the same user.Further, it is also assumed that, in the communication object managementtable, the terminal IDs of the communication terminals 3 a and 3 b havebeen managed as terminal IDs of communication sources, respectively, andalso, the respective terminal IDs of the communication terminals 3 a and3 b have been managed as terminal IDs of communication destinations withwhich communication is possible, respectively; and therefore, thecommunication terminals 3 a and 3 b are in a state where remote controlcan be started from the communication terminal 3 a to the communicationterminal 3 b, and also, remote control can be started from thecommunication terminal 3 b to the communication terminal 3 a.

In this case, for example, although the user can receive respectiveservices separately with the use of differing terminal IDs (for example,the terminal IDs in the first and second records of the state managementtable of FIG. 8) concerning the communication terminals 3 a and 3 b, anauthentication system 7 performs the same authentication operations withthe use of a set of a common user ID as a to-be-authenticated section(for example, “asai@myhost.ricoo.com” in the authentication managementtable of FIG. 12A) for the respective terminal IDs of the communicationterminals 3 a and 3 b and a password (in this case, “aaaa”). Therefore,the user need not register terminal IDs and passwords, respectively, forthe plurality of authentication operations concerning the communicationterminals 3 a and 3 b.

In the sequence diagram of FIG. 18, in response to the user of thecommunication terminal 3 b inputting in an input field b21 illustratedin FIG.

17A the terminal ID of the communication terminal 3 a that is a remotecontrol object and pressing a “SERVICE START REQUEST” button b22, thereceiving part 32 of the communication terminal 3 b receives thedesignation of the remote control object and the request to start remotecontrol (step S61). In this example, as one example of remote control,the communication terminal 3 b requests the communication terminal 3 ato start capturing an image by the photographing apparatus 10. Thus, thetransmitting and receiving part 31 of the communication terminal 3 btransmits to a service providing system 5 a communication start request(in this example, a request to start remote control) (step S62). Thecommunication start request includes the terminal ID of thecommunication terminal 3 b of the request source (i.e., the remotecontrol source) and the terminal ID of the communication terminal 3 athat is the request destination (i.e., the remote control destination).Thus, the transmitting and receiving part 51 of the service providingsystem 5 receives the communication start request.

Next, the service providing system 5 determines whether remote controlis possible (step S63). Below, with the use of FIG. 19, a process ofdetermining whether remote control is possible will be described indetail. FIG. 19 is a flowchart illustrating one example of a process ofdetermining whether remote control is possible.

As illustrated in FIG. 19, the search part 53 searches, in thecommunication object management table, the fields of terminal IDs ofcommunication sources and the fields of terminal IDs of communicationdestinations with which communication is possible with the use of therespective terminal IDs of the communication terminal 3 b and thecommunication terminal 3 a received in step 62 as search keys (stepS63-1).

Next, the determination part 54 determines whether the respectiveterminal IDs of the communication terminal 3 b and the communicationterminal 3 a are associated with one another as a communication sourceand a communication destination and managed in the same record (stepS63-2). In a case where the determination part 54 determines that thesecommunication communication terminals have been associated with oneanother as a communication source and a communication destination andmanaged in the same record (YES), the process of step 63 ends.

However, in a case where the determination part 54 determines that thesecommunication terminals are not managed as being associated with oneanother as a communication source and a communication destination in thesame record (NO), the storing and reading part 59 outputs data of acommunication not possible screen page (i.e., a remote control notpossible screen page) previously stored in the storage part 5000 (stepS63-4). In this case, returning to FIG. 18, the transmitting andreceiving part 51 transmits, to the communication terminal 3 b, requestresult information that includes data of a request result screen pageand indicates that communication is not possible (step S64). Thus, thetransmitting and receiving part 31 of the communication terminal 3 breceives the request result information. In this case, in step S71 thatwill be described later, the display control part 33 of thecommunication terminal 3 b displays the remote control not possiblescreen page s4 such as the screen page illustrated in FIG. 20A on thedisplay 317.

Hereinafter, the description will be continued for a case where thedetermination part 54 determines that the communication terminals areassociated with one another as a communication source and acommunication destination and managed in the same record (YES in stepS63-2).

As illustrated in FIG. 18, the storing and reading part 59 searches thestate management table with the use of the terminal ID of thecommunication terminal 3 a that is the communication destination,received in step S62, to retrieve the IP address of the correspondingcommunication terminal 3 a (step S65). Then, the transmitting andreceiving part 51 transmits, to the communication terminal 3 aidentified by the IP address retrieved in step S65, a communicationstart request (i.e., a remote control start request) (step S66). Thecommunication start request includes the terminal ID of thecommunication terminal 3 b that is the request source and the terminalID of the communication terminal 3 a that is the request destination.Thus, the transmitting and receiving part 31 of the communicationterminal 3 a receives the communication start request.

Next, the short-range communication part 38 of the communicationterminal 3 a prepares for remote control to cause the photographingapparatus 10 to start capturing an image of a subject, a scene, or thelike (step S67). As a result, the transmitting and receiving part 31 ofthe communication terminal 3 a transmits, to the service providingsystem 5, a request result responsive to the communication start request(i.e., a result indicating that the preparation has been completed)(step S68). Thus, the transmitting and receiving part 51 of the serviceproviding system 5 receives the request result.

Next, the storing and reading part 59 of the service providing system 5outputs previously stored data of a communication possible screen page(i.e., a remote control possible screen page s5) (step S69). Then, thetransmitting and receiving part 51 transmits, to the communicationterminal 3 b that is the request source of step S62, request resultinformation that includes the data of the communication possible screenpage and indicates that communication is possible (step S70). Thus, thetransmitting and receiving part 31 of the communication terminal 3 breceives the request result information.

Next, the display control part 33 of the communication terminal 3 bdisplays the remote control possible screen page s5 such as the screenpage illustrated in FIG. 20B on the display 317. Note that the remotecontrol not possible screen page s4 illustrated in FIG. 20A indicatesthat the communication destination is not the communication terminal ofthe user of the request source and therefore the user cannot performcommunication. The remote control not possible screen page s4 includesan “OK” button b42 for the user understanding the displayed screen pages4, to close the remote control not possible screen page s4. Incontrast, the remote control possible screen page s5 illustrated in FIG.20B indicates that the user can perform communication, because thecommunication terminal 3 a of the request destination is thecommunication terminal of the user of the request source. The remotecontrol possible screen page s5 further includes a “START REMOTECONTROL” button b52 for the user to actually start remote control. Inresponse to the user's pressing the “START REMOTE CONTROL” button b52,the communication terminal 3 a, for example, comes to be able to performremote control of the photographing apparatus 10 such as to start andend capturing an image.

Next, with the use of FIGS. 21, 22A, and 22B, a process where acommunication terminal 3 requests a service providing system 5 to logout will be described. FIG. 21 is a sequence diagram illustrating oneexample of a logout process. FIGS. 22A and 22B illustrate examples oflogout screen pages. Note that a logout screen page can be displayed onthe display 317 in response to, for example, the user of a communicationterminal 3 performing a predetermined operation on the communicationterminal 3.

As illustrated in FIG. 21, in response to the user pressing a “LOGOUT”button b62 included in a logout request screen page s6 (see FIG. 22B)displayed on the display 317 by the display control part 33 of acommunication terminal 3, the receiving part 32 receives the logoutrequest (step S81).

Next, the transmitting and receiving part 31 transmits to a serviceproviding system 5 a logout request (step S82). The logout requestincludes the terminal ID of the communication terminal 3 of the requestsource. Thus, the transmitting and receiving part 51 of the serviceproviding system 5 receives the logout request.

Next, the removing part 55 of the service providing system 5 removesfrom the state management table the record that includes the terminal IDof the communication terminal 3 that is the request source (step S83).Further, in a case where the communication state information, associatedwith a terminal ID that includes the same user ID as the user IDincluded in the terminal ID included in the record that is thus removedby the removing part 55, indicates an offline state, the storing andreading part 59 changes the communication state information from offlineto online and manages the changed communication state information in thestate management table (step S84). Note that in a case where there are aplurality of pieces of communication state information having offlinestates associated with the terminal IDs including the same user IDs asthe user ID of the terminal ID included in the record thus removed bythe removing part 55 in the communication state management table, thestoring and reading part 59 changes the piece of the communication stateinformation to online according to the order of the transmitting andreceiving part 51 receiving the login requests from the respectivecommunication terminals 3. For example, in a case of the statemanagement table illustrated in FIG. 8, in response to a recordincluding a terminal ID being removed, the communication stateinformation of offline (1) associated with a terminal ID including thesame user ID included in the terminal ID of the removed record ischanged to online. Then, in response to a record including a terminal IDhaving the same user ID being removed subsequently, the communicationstate information of offline (2) associated with a terminal ID includingthe same user ID included in the terminal ID of the removed record ischanged to online.

Thus, communication state information of a communication terminal 3 oncemanaged with the communication state information of offline as a resultof the upper limit of the permissible number of communication terminalsof the same user that the same user can use to perform communicationamong these communication terminals being exceeded is changed to onlineas a result of another communication terminal 3 of the same user loggingout. As a result, communication by the communication terminal 3 forwhich the communication state information has been thus changed toonline becomes possible.

Next, the removing part 55 removes from the communication objectmanagement table the record including the terminal ID of thecommunication terminal 3 of the request source managed in the“communication source” field (step S85). Further, the removing part 55removes from the “communication destination” fields of the communicationobject management table the terminal ID of the communication terminal 3of the request source (step S86).

Next, the transmitting and receiving part 51 transmits to thecommunication terminal 3 of the request source a logout completionreport. Thus, the transmitting and receiving part 31 of thecommunication terminal 3 of the request source receives the logoutcompletion report. Then, the display control part 33 of thecommunication terminal 3 of the request source displays on the display317 a logout completion screen page s7 such as the screen pageillustrated in FIG. 22B. The logout completion screen page s7 indicatesthat logout has been completed. The logout completion screen page s7further includes an “OK” button b72 for the user understanding thecontents of the displayed screen page s7 to close the logout completionscreen page s7.

<<Main Advantageous Effects of Embodiment>>

Thus, according to the embodiment, a terminal ID includes a user ID (ato-be-authenticated section) and a not-to-be-authenticated section.Therefore, once a to-be-authenticated section and a password areregistered; for a case where the user uses a plurality of communicationterminals having differing not-to-be-authenticated sections, the userneed not perform a plurality of registering operations for therespective communication terminals. Thus, troublesomeness to the usercan be avoided.

Further, a service providing system 5 uses a method where, in thecommunication object management table, a plurality of terminal IDs thatinclude a common user ID, i.e., a to-be-authenticated section, andidentify differing communication terminals are associated with eachother as respective terminal IDs of communication sources andcommunication destinations that can perform communication with thecommunication sources: this method makes the management easier. Further,as described above concerning a process such as step S63-2 of FIG. 19,communication is permitted only between communication terminals of thesame user. Therefore, it is possible to prevent, for example, a userfrom freely performing remote control of a communication terminal ofanother user, and thus, security can be easily maintained.

Further, a service providing system 5 uses a method where, in the statemanagement table, a terminal ID that includes a user ID is used toidentify a communication terminal that has requested login and isassociated with communication state information that indicates acommunication state of the communication terminal and is managed; thismethod enables easier registration of a communication terminal to beused to receive a service. Further, as described above concerning aprocess such as step S46-2 of FIG. 16, the number of communicationterminals, even though the communication terminals are communicationterminals of the same user, permitted to perform communication with eachother is limited to a predetermined number. Thus, according to a serviceproviding system, not only it is possible to easily registercommunication terminals of users but also it is possible to reduce aload of a server system that provides a service.

Further, it is possible to easily achieve fairness among users (forexample, it is possible to prevent a service providing system 5 frombeing used only by a certain user). According to the embodiment, asdescribed above, even in a case where a user will use a plurality ofcommunication terminals having differing not-to-be-authenticatedsections, the user need not perform a registering operation for each ofthe communication terminals. Thus, troublesomeness to the user can beavoided. As a result, a user may log in many communication terminals toa service providing system 5 and generate many sessions to receiveservices by using these communication terminals. Even in such asituation, as a result of the number of communication terminals, eventhough the communication terminals are communication terminals of thesame user, permitted to perform communication with each other beinglimited to a predetermined number as described above, it is possible toeasily achieve fairness among users (for example, it is possible toprevent a service providing system 5 from being used only by a certainuser).

Further, in the communication object management table, aftercommunication terminals log in, a service providing system 5automatically registers (see steps S46-5 and S46-6), as communicationterminals that can perform communication with each other, only aplurality of terminal IDs of the same user for which communication stateinformation is managed as online in the state management table (see stepS46-3 of FIG. 16). Further, after a communication terminal logs out, aservice providing system 5 automatically removes from the communicationobject management table (see steps S85 and S86 of FIG. 21) the terminalID which is thus removed from the state management table (see step S83).By thus dynamically changing management of terminal IDs in thecommunication object management table in response to login and logout ofthe communication terminals, the user need not be aware of thecommunication object management table, and therefore, troublesomeness tothe user for preparing for starting communication can be avoided.

Thus, the service providing systems, the service delivery systems, theservice providing methods, and the non-transitory recording media havebeen described in the embodiment. However, the present invention is notlimited to the embodiment, and various modifications and improvementscan be made within the scope of the present invention.

[First Variant]

In the above-described embodiment, in step S25 of FIG. 13, the userinputs a terminal ID and a password. However, an embodiment is notlimited to this method. For example, in a case where a communicationterminal does not display a screen page for the user to inputinformation as in a case where the communication terminal is an electriccomponent, a terminal ID and a password previously stored in thecommunication terminal are transmitted to a service providing system instep S26. As a method to previously store a terminal ID and a passwordin a communication terminal, a method in which the terminal ID and thepassword are transmitted from another PC to the communication terminalthrough a communication network; a method in which a recording medium (aSIM card or the like) in which the terminal ID and the password arerecorded is inserted in the communication terminal and the terminal IDand the password are transmitted to the communication terminal from therecording medium; and so forth can be cited.

DESCRIPTION OF REFERENCE SIGNS

1 service delivery system

3 communication terminal

3 a communication terminal (one example of a second communicationterminal)

3 b communication terminal (one example of a first communicationterminal)

3 c communication terminal

5 service providing system

5 a service providing system

5 b service providing system

7 authentication system

7 a authentication system

7 b authentication system

7 c authentication system

9 communication network

10 photographing apparatus

51 transmitting and receiving part (one example of a receiving part andone example of a transmitting part)

52 authentication part (one example of an authentication part)

53 search part (one example of a search part)

54 determination part (one example of a determination part)

55 removing part (one example of a removing part)

59 storing and reading part

5000 storage part

5001 state management DB (one example of a state management part)

5002 authentication system management DB

5003 communication object management DB (one example of a communicationobject management part)

RELATED ART DOCUMENT Patent Document

-   Patent Document 1: Japanese Unexamined Patent Application    Publication No. 2015-201827

What is claimed is:
 1. A service providing system for providing aservice to a communication terminal, the service providing systemcomprising: a processor configured to associate with one another aplurality of pieces of terminal identification information foridentifying different communication terminals and to manage theplurality of pieces of terminal identification information, each of theplurality of pieces of terminal identification information includinguser identification information that is a to-be-authenticated section tobe used to authenticate a user and is common to the plurality of piecesof terminal identification information, the processor being furtherconfigured to manage and associate the plurality of pieces of terminalidentification information with one another as a piece of terminalidentification information for a communication source and a piece ofterminal management information for a communication destination that canperform communication with the communication source; to receive from afirst communication terminal as a communication source a first piece ofterminal identification information for identifying the firstcommunication terminal and a second piece of terminal identificationinformation for identifying a second communication terminal as acommunication destination; and in response to receiving the first pieceof terminal identification information and the second piece of terminalidentification information, to transmit a request to the secondcommunication terminal to start communication with the firstcommunication terminal for a case where the first piece of terminalidentification information and the second piece of terminalidentification information are managed and associated with one anotherand not to transmit a request to the second communication terminal tostart communication with the first communication terminal for a casewhere the first piece of terminal identification information and thesecond piece of terminal identification information are not managed asbeing associated with one another.
 2. The service providing systemaccording to claim 1, wherein the processor is further configured to,for a case where the first piece of terminal identification informationand the second piece of terminal identification information are notmanaged as being associated with one another, transmit to the firstcommunication terminal request result information indicating thatcommunication with the second communication terminal is not possible. 3.The service providing system according to claim 1, wherein the processoris further configured to when receiving a login request from acommunication terminal, receive a piece of terminal identificationinformation for identifying the communication terminal, and for a casewhere the piece of terminal identification information includes useridentification information the same as user identification informationof another piece of terminal identification information for identifyinganother communication terminal already managed, associate the piece ofterminal identification information of the communication terminal thathas transmitted the login request as a piece of terminal identificationinformation for a communication source with the another piece ofterminal identification information as a piece of terminalidentification information for a communication destination and managethe pieces of terminal identification information.
 4. The serviceproviding system according to claim 3, wherein the processor is furtherconfigured to associate the piece of terminal identification informationof the communication terminal that has transmitted the login request asa piece of terminal identification information for a communicationdestination with the another piece of terminal identificationinformation as a piece of terminal identification information for acommunication source and manages the pieces of terminal identificationinformation.
 5. The service providing system according to claim 1,wherein the processor is further configured to remove from beingmanaged, in response to receiving a logout request from a communicationterminal, a record where a piece of terminal identification informationfor identifying the communication terminal is managed as a piece ofterminal identification information for a communication source.
 6. Theservice providing system according to claim 5, wherein the processor isfurther configured to further remove from managing objects, in responseto receiving the logout request, a piece of terminal identificationinformation for identifying the communication terminal that hastransmitted the logout request, the piece of terminal identificationinformation having been managed as a piece of terminal identificationinformation for a communication destination.
 7. The service providingsystem according to claim 1, wherein the communication terminal is amobile terminal, an information processing terminal, a business machine,a home appliance, an electric component, a medical device, or anindustrial device.
 8. A service delivery system comprising: the serviceproviding system according to claim 1; and communication terminals.
 9. Aservice providing method executed by a service providing system that, ata time of providing a service to a communication terminal, causes anauthentication system to authenticate a user of the communicationterminal, the service providing method comprising: associating with oneanother by a processor a plurality of pieces of terminal identificationinformation for identifying communication terminals and managing theplurality of pieces of terminal identification information, each of theplurality of pieces of terminal identification information includinguser identification information that is a to-be-authenticated section tobe used to authenticate a user and is common to the plurality of piecesof terminal identification information, the processor managing andassociating the plurality of pieces of terminal identificationinformation with one another as a piece of terminal identificationinformation for a communication source and a piece of terminalidentification information for a communication destination that canperform communication with the communication source; receiving by aprocessor from a first communication terminal as a communication sourcea first piece of terminal identification information for identifying thefirst communication terminal and a second piece of terminalidentification information for identifying a second communicationterminal as a communication destination; and in response to receivingthe first piece of terminal identification information and the secondpiece of terminal identification information, transmitting by aprocessor a request to the second communication terminal to startcommunication with the first communication terminal for a case where thefirst piece of terminal identification information and the second pieceof terminal identification information are managed and associated withone another and not transmitting a request to the second communicationterminal to start communication with the first communication terminalfor a case where the first piece of terminal identification informationand the second piece of terminal identification information are notmanaged as being associated with one another.
 10. A non-transitoryrecording medium storing a program that causes a processor to executethe service providing method according to claim 9.